From e4ddaa0fed6eee11ea77693b6aafec42b416c728 Mon Sep 17 00:00:00 2001 From: Pat Garrity Date: Sun, 24 Mar 2024 10:10:38 -0500 Subject: [PATCH 1/6] Introducing automated builds for this image. --- .forgejo/workflows/pull_request.yaml | 29 ++++++++++++++++++++++++++++ .pre-commit-config.yaml | 13 +++++++++++++ README.md | 6 +++++- 3 files changed, 47 insertions(+), 1 deletion(-) create mode 100644 .forgejo/workflows/pull_request.yaml create mode 100644 .pre-commit-config.yaml diff --git a/.forgejo/workflows/pull_request.yaml b/.forgejo/workflows/pull_request.yaml new file mode 100644 index 0000000..fc492c8 --- /dev/null +++ b/.forgejo/workflows/pull_request.yaml @@ -0,0 +1,29 @@ +on: + pull_request: + types: [opened, synchronize, reopened] + +defaults: + run: + shell: bash + +jobs: + ci_image_build: + runs-on: docker + container: + image: mgoltzsche/podman:rootless + name: 'Build and Test CI Image' + env: + IMAGE_TAG: registry.garrity.co:8443/gs/ci-scala:pre-release + steps: + - uses: actions/checkout@v4 + name: 'Checkout Repository' + with: + fetch-depth: 0 + - name: 'Pre-Commit' + run: | + pre-commit install + pre-commit run --all-files + - name: 'Build and Push Pre-Release' + run: | + podman build --tag "$IMAGE_TAG" . + podman push "$IMAGE_TAG" diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml new file mode 100644 index 0000000..7f16c0e --- /dev/null +++ b/.pre-commit-config.yaml @@ -0,0 +1,13 @@ +--- +repos: + - repo: https://github.com/pre-commit/pre-commit-hooks + rev: v4.5.0 + hooks: + - id: end-of-file-fixer + - id: trailing-whitespace + - id: fix-byte-order-marker + - id: mixed-line-ending + args: ['--fix=lf'] + description: Enforces using only 'LF' line endings. + - id: trailing-whitespace + - id: check-yaml diff --git a/README.md b/README.md index ad5777d..51941b7 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,8 @@ # ci-scala Produces a container image suitable for Scala builds within the Garrity Software -ecosystem. +ecosystem. This image is not useable outside of the GS build environment. + +``` +registry.garrity.co:8443/gs/ci-scala:latest +``` -- 2.43.0 From e1503bd072fd9246790572ee6b10ffabd5bf5759 Mon Sep 17 00:00:00 2001 From: Pat Garrity Date: Sun, 24 Mar 2024 10:13:32 -0500 Subject: [PATCH 2/6] Minor pump for diagnostic information. --- .forgejo/workflows/pull_request.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.forgejo/workflows/pull_request.yaml b/.forgejo/workflows/pull_request.yaml index fc492c8..aca6211 100644 --- a/.forgejo/workflows/pull_request.yaml +++ b/.forgejo/workflows/pull_request.yaml @@ -25,5 +25,6 @@ jobs: pre-commit run --all-files - name: 'Build and Push Pre-Release' run: | + echo "Building and pushing pre-release: $IMAGE_TAG" podman build --tag "$IMAGE_TAG" . podman push "$IMAGE_TAG" -- 2.43.0 From 705da2ddc7e3e1e709b5ada5c30163ba8b378950 Mon Sep 17 00:00:00 2001 From: Pat Garrity Date: Sun, 24 Mar 2024 10:15:08 -0500 Subject: [PATCH 3/6] Use a version that exists. --- .forgejo/workflows/pull_request.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.forgejo/workflows/pull_request.yaml b/.forgejo/workflows/pull_request.yaml index aca6211..de0d3e3 100644 --- a/.forgejo/workflows/pull_request.yaml +++ b/.forgejo/workflows/pull_request.yaml @@ -10,7 +10,7 @@ jobs: ci_image_build: runs-on: docker container: - image: mgoltzsche/podman:rootless + image: mgoltzsche/podman:4.9-minimal name: 'Build and Test CI Image' env: IMAGE_TAG: registry.garrity.co:8443/gs/ci-scala:pre-release -- 2.43.0 From 8efacdcd3e00097c3c4c7a82232c27dd31c7b25d Mon Sep 17 00:00:00 2001 From: Pat Garrity Date: Sun, 24 Mar 2024 10:32:50 -0500 Subject: [PATCH 4/6] Rework in terms of a new CI image. --- .forgejo/workflows/pull_request.yaml | 3 +-- build-and-push | 6 ++++-- build-and-run | 8 +++++--- 3 files changed, 10 insertions(+), 7 deletions(-) diff --git a/.forgejo/workflows/pull_request.yaml b/.forgejo/workflows/pull_request.yaml index de0d3e3..3d456a7 100644 --- a/.forgejo/workflows/pull_request.yaml +++ b/.forgejo/workflows/pull_request.yaml @@ -10,7 +10,7 @@ jobs: ci_image_build: runs-on: docker container: - image: mgoltzsche/podman:4.9-minimal + image: registry.garrity.co:8443/gs/ci-containers:latest name: 'Build and Test CI Image' env: IMAGE_TAG: registry.garrity.co:8443/gs/ci-scala:pre-release @@ -25,6 +25,5 @@ jobs: pre-commit run --all-files - name: 'Build and Push Pre-Release' run: | - echo "Building and pushing pre-release: $IMAGE_TAG" podman build --tag "$IMAGE_TAG" . podman push "$IMAGE_TAG" diff --git a/build-and-push b/build-and-push index 5cb4694..b4992f7 100755 --- a/build-and-push +++ b/build-and-push @@ -1,4 +1,6 @@ #!/bin/sh -podman build --tag registry.garrity.co:8443/gs/ci-scala:latest . -podman push registry.garrity.co:8443/gs/ci-scala:latest +readonly image_tag="registry.garrity.co:8443/gs/ci-scala:latest" + +podman build --tag "$image_tag" . +podman push "$image_tag" diff --git a/build-and-run b/build-and-run index 3a1713e..93181e7 100755 --- a/build-and-run +++ b/build-and-run @@ -1,4 +1,6 @@ -#!/bin/sh +#!/bin/bash -podman build --tag registry.garrity.co:8443/gs/ci-scala:latest . -podman run --rm -it --entrypoint bash registry.garrity.co:8443/gs/ci-scala:latest +readonly image_tag="registry.garrity.co:8443/gs/ci-scala:latest" + +podman build --tag "$image_tag" . +podman run --rm -it --entrypoint bash "$image_tag" -- 2.43.0 From f201a3cc66b0fadd84e6bf83d909e351ab06609f Mon Sep 17 00:00:00 2001 From: Pat Garrity Date: Sun, 24 Mar 2024 10:39:52 -0500 Subject: [PATCH 5/6] Adding support for the GS registry. --- Containerfile | 6 +++++- registry.garrity.co.crt | 35 +++++++++++++++++++++++++++++++++++ 2 files changed, 40 insertions(+), 1 deletion(-) create mode 100644 registry.garrity.co.crt diff --git a/Containerfile b/Containerfile index e403ec0..abc7c36 100644 --- a/Containerfile +++ b/Containerfile @@ -9,9 +9,13 @@ ENV SBT_VERSION ${SBT_VERSION:-1.9.9} # python3 is required for pre-commit # docker is required for certain DinD cases RUN apt-get update -RUN apt-get install -y curl git docker python3 python3-pip nodejs +RUN apt-get install -y curl git docker python3 python3-pip nodejs ca-certificates RUN pip3 install pre-commit +# Ensure that this image recognizes the self-signed registry certificate. +COPY registry.garrity.co.crt /usr/local/share/ca-certificates +RUN update-ca-certificates + # Create the user - builds do not run as root. RUN groupadd -g 1111 -r builder RUN useradd -u 1111 -m -g 1111 -r -s /bin/bash builder diff --git a/registry.garrity.co.crt b/registry.garrity.co.crt new file mode 100644 index 0000000..a74fcba --- /dev/null +++ b/registry.garrity.co.crt @@ -0,0 +1,35 @@ +-----BEGIN CERTIFICATE----- +MIIGITCCBAmgAwIBAgIUR4lgvhfqxhyfD/gwLpA4U/V26UMwDQYJKoZIhvcNAQEL +BQAwgY8xCzAJBgNVBAYTAlVTMRIwEAYDVQQIDAlNaW5uZXNvdGExFDASBgNVBAcM +C0Jsb29taW5ndG9uMRkwFwYDVQQKDBBHYXJyaXR5IFNvZnR3YXJlMRwwGgYDVQQD +DBNyZWdpc3RyeS5nYXJyaXR5LmNvMR0wGwYJKoZIhvcNAQkBFg5wZm1AZ2Fycml0 +eS5jbzAeFw0yNDAzMTYxNDQ1MjNaFw0yNTAzMTYxNDQ1MjNaMIGPMQswCQYDVQQG +EwJVUzESMBAGA1UECAwJTWlubmVzb3RhMRQwEgYDVQQHDAtCbG9vbWluZ3RvbjEZ +MBcGA1UECgwQR2Fycml0eSBTb2Z0d2FyZTEcMBoGA1UEAwwTcmVnaXN0cnkuZ2Fy +cml0eS5jbzEdMBsGCSqGSIb3DQEJARYOcGZtQGdhcnJpdHkuY28wggIiMA0GCSqG +SIb3DQEBAQUAA4ICDwAwggIKAoICAQDvX5tz1Ujod4fxrJuLmwr6CsFVofYeoKlh +Bpy8qFS0JDHGL5nXHGNoy96zJd9Do7A//e3S1mJDAgKAlCBuCy6VkI1cdOBQoHPx +GjmtcvvryZBx+jTHKterlZPkdb2orrsfULpnpINH3ymGngXrNCcDTt6JoNeq1XfP +/YPXRtklaK0h1pe6w3p/69D7KmwtJVFjQe22JnSC1tT4CXwwK2vRT+Q6lrIn9nk0 +ZLTCu592CELpyvqLiasv3zO8gpmD+Am3Yo2RuCd2imkV6urg7iXd5w4cikNlxreZ +LDidnbsUM3U+q5IcNufO28+KlDETOQALYHVhtT4FE6eSqCPeXm2NTuxG2ENbDz3U +n24GduSFC+F2im2Aejtz2QtMVcgGK03cmTXJj86UVVPweEerZ/lS8LenX1jpZoju +QGV/9/EDv5+DZWyP1oKjbQ7936/4gF4toobvASaPOsbB0WMvhi/Iaqpp0JNpymfB +xcsmJoBC67EAYLijtpfa5qoeQwaNSLRlByb3+pI6FkE7Sh4W/l15lnyDXVJ+9z78 +CvxCU6+6zrpJqWQFMA55Izz1d2lRNRKvzWzxcRW4CXUOaRBniI4M1ZGZrkx09DLm +9VX0JqAbiUbltuEY8ul9V/lOOyX5YkXNOxT6XTfX2NTglZr8n6/7b+v9leJr/HsS +WwrT/iYObQIDAQABo3MwcTAdBgNVHQ4EFgQU0r57vD+mMmIztQqN/BvBHNvtk60w +HwYDVR0jBBgwFoAU0r57vD+mMmIztQqN/BvBHNvtk60wDwYDVR0TAQH/BAUwAwEB +/zAeBgNVHREEFzAVghNyZWdpc3RyeS5nYXJyaXR5LmNvMA0GCSqGSIb3DQEBCwUA +A4ICAQAxLuEHrl5SQOdHqVUna51K6PzMkChqo2RttymIRE1o1eXnE2dvhMH7lg8b +rr8e0hZkjLHo8E1kJiBXpf1NOHqCt8BHf0BAvXO8iOuJNgZvC6TPoSa7c7ASXWE+ +wuhJZO4jvnPRXnwSNXPnqqBAahMCD7KAClOxdySiS5TS+IPPUu4fZMowKMPeUg6z +p70K1F3tT2AVLxlMJrwANX2nqWyRKo91pM+rOp7A+++NBlxHQ3gU7dMmDUpq7mjv +HdNlox9tPup+/vhFivtdSii9y7pitz3UEk3gvRQ2pLdzJq0tfnkVEwqQf4TalxEO +zedZqzEeWmeJ8500CQExROV/ezgYdKtPxHr5M5KsEHILjfDZdREvY7WaUqa7Jz7k +cIcbD6RyzobL+Ha3hOR9tmd09d2EeCbCFF9Mz65JM0ZzPiS4xhJVEajgUSTkS+Xm +NEzDUkpZ+3YyCmFvClXnEKT4m3YVSDR2DzGe4pzjL2d38j9xSR6PKTPelCyWWOgb +GLrDvUfgd3O1jRPCGoWk6eVJjE0frHthqUUt8nZsqGuzvnfKw0pzxorcAqM1Nm31 +FwrAIzyD6kGMrVDTWL+IAcZhmCJqIYxp09V6fn5kX4agJtvA9WrLIVsXjaM2VHSK +B2a8Xtk+g7MBT4OUOl6/c3H3URvXZxEKM2yi/9Mr6DmBo57HMA== +-----END CERTIFICATE----- -- 2.43.0 From 372e60fb7e4e482d1990b7a8bfa2ab5e4a1cd317 Mon Sep 17 00:00:00 2001 From: Pat Garrity Date: Sun, 24 Mar 2024 10:52:01 -0500 Subject: [PATCH 6/6] Adding a release build now that pull requests are proven. --- .forgejo/workflows/release.yaml | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 .forgejo/workflows/release.yaml diff --git a/.forgejo/workflows/release.yaml b/.forgejo/workflows/release.yaml new file mode 100644 index 0000000..4487d1f --- /dev/null +++ b/.forgejo/workflows/release.yaml @@ -0,0 +1,30 @@ +on: + push: + branches: + - main + +defaults: + run: + shell: bash + +jobs: + ci_image_release: + runs-on: docker + container: + image: registry.garrity.co:8443/gs/ci-containers:latest + name: 'Build and Release CI Image' + env: + IMAGE_TAG: registry.garrity.co:8443/gs/ci-scala:latest + steps: + - uses: actions/checkout@v4 + name: 'Checkout Repository' + with: + fetch-depth: 0 + - name: 'Pre-Commit' + run: | + pre-commit install + pre-commit run --all-files + - name: 'Build and Push Pre-Release' + run: | + podman build --tag "$IMAGE_TAG" . + podman push "$IMAGE_TAG" -- 2.43.0